django page got hacked - how to react? - django

My original page is http://www.stahlbaron.de/
For 2 days, http://www.joma-topflex.ru/ has been pointing to my page. I realized this and added ALLOWED_HOSTS = ['.stahlbaron.de'], but it did not help. The bad URL is still pointing to my page.
What can I do? I used nginx and uwsgi to deploy the page. Nginx does not have a deny www.joma-topflex.ru; option, unfortunately.

There are two possibilities:
The owner of the copy actually stole your code and the database, which is unlikely. This can be easily checked — just add a change to some page on your website and see if it appears on the doppelgaenger. If the copy is independent then nothing will change there. Don't forget to use Ctrl+F5 to avoid seeing cached contents.
If this is the case, you can report abuse to the copy's hosting provider. In fact, you should do it in any case.
If that copy is just a proxied mirror to your website, blocking its IP will solve the problem. You can do it in Nginx by modifying your configuration like this:
    # Flag requests whose client address is the mirroring host
    geo $bad_client {
        default 0;
        78.47.49.3/32 1;
    }
    server {
        ...
        # Refuse flagged clients
        if ($bad_client) {
            return 403;
        }
        add_header X-Frame-Options SAMEORIGIN;
        ...
    }
It is also a good idea to set the header X-Frame-Options to SAMEORIGIN (see the example above), which guarantees that nobody will make a copy of your site on another domain using an iframe.
EDIT:
And now this just gets funny. What happens here is this: some (probably long) time ago someone bought a hosting package from Hetzner, registered the domain www.joma-topflex.ru and pointed it to the IP that Hetzner had given him or her. And that IP was, as you might have guessed by now, 78.47.49.3.
After a while this person probably lost interest in the project and stopped paying Hetzner. Hetzner, in turn, reassigned the IP to the new client — you. But the domain name www.joma-topflex.ru had never been pointed to another IP by the domain's owner, which often happens to abandoned projects.
So, there is actually no bad guy here. The owner of www.joma-topflex.ru likely doesn't even know that his domain works once again.
The real problem here is your Nginx configuration, which proxies any request to your server to your Django application. What you need to do is explicitly set your domain as the only acceptable server name like this:
    server {
        # Delete any other server_name you find around and add this:
        server_name www.stahlbaron.de;
        ...
    }
The funny part is, you can use the domain www.joma-topflex.ru as long as it points to your server. For example, you can add another server block to your Nginx configuration, set the server_name directive to "www.joma-topflex.ru" and use it for another Django application, or whatever else you like.
EDIT 2:
Incidentally, the domain joma-topflex.ru is paid till 2015.04.26 and most likely will not be prolonged. In other words, you can even do nothing and the problem will solve itself in two days.
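An added example (not from the original answer): a server_name on a single server block does not by itself reject other hostnames, because nginx hands requests with an unmatched Host header to the default server for that port, which is the first block defined unless one is marked default_server. A catch-all block next to the real one closes that gap. The uwsgi socket path and the bare stahlbaron.de name are assumptions.

```nginx
# Added example; belongs in the http { } context.

# Catch-all: any request whose Host header matches no other server_name
# (for example a stale domain whose DNS record still points at this IP)
# ends up here instead of reaching the Django application.
server {
    listen 80 default_server;
    server_name _;
    return 444;    # nginx-specific code: close the connection, send nothing
}

# The real site: only these names are served.
server {
    listen 80;
    server_name www.stahlbaron.de stahlbaron.de;    # bare name is an assumption

    add_header X-Frame-Options SAMEORIGIN;

    location / {
        include uwsgi_params;
        uwsgi_pass unix:/run/uwsgi/app.sock;    # assumed socket path
    }
}
```

ALLOWED_HOSTS in the Django settings stays in place as a second check behind the proxy.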

Related

Do I always have to buy a right to use a (unspecific but fixed) domain?

I am new to this topic and was just watching a tutorial and the dude said you would have to buy and monthly pay for a domain.
I get that you would want someone else to host your website for IT-security reasons. Which is really not expensive.
But say I want to just access my server data like my music, my images and videos from anywhere and I know how to make a website. The domain name is not important for me, I don't need it to be fancy. Do I always have to buy a right to use a (unspecific but fixed) domain?
How does it work? Thanks!
Edit1: (to specify) I read that hosting the website yourself is not safe. I want to let someone host my website, serve data (like images and videos) to this website or to the client from my home-server.
A domain is just an entry in the worldwide DNS servers. This makes it easier to find your server(s). You do not need to have one. Instead you can use your IP address that you 'get' from your ISP. You must make sure that your router, that you got from your ISP, directs the request to your server.
Another means is that you find a free redirect service like dyndns. They give you a servername that will redirect automatically to your IP address given by your ISP.
If you let someone host your website then he will provide you with a URL under which you can access your server. In fact this is not a domain but a server in his domain. Hosting your website that runs on your desktop can be unsafe. If you use a dedicated cheap server then it is less unsafe but complete safety is, unfortunately, not possible.

AWS Static Website Hosting: server IP address could not be found, after the site already worked

So I've followed the documentation of Amazon's S3 and Route 53 to host a static website.
It worked perfectly and the next day my site was online. I kept updating my index.html afterward with small stuff like extra text here and there and so far I had no issues, it would every time update the site to reflect the new changes. Until suddenly I visit my website and get a "server IP address could not be found" and I cannot reach my website.
I checked dnschecker.org and internic.net to verify the DNS status of my site, and it showed everything green. I created an Availability test in the Route 53 dashboard and it returns 200 OK.
I also made sure the 4 server names from the Hosted Zone match the ones internic is returning.
So apparently every service says that my site is reachable, but it's not. I have not changed any Public Access options since the first time after I've initially done it using the documentation.
I have also tried reaching the site from a different browser, different PC, and from my phone. They all cannot reach the website.
I absolutely have no idea what to do, to get my site back running. I would very much appreciate some insight.
Footnote: I am very new to this, so please let me know if I need to provide extra information
So it turned out the reason is that I was on the college's network and somehow my website got delisted from their DNS server (I don't have an exact explanation, just an observation).
My website loaded using data on my phone and also if I turned on a VPN on my PC. So basically it's a DNS problem.

DNS_PROBE_FINISHED_NXDOMAIN for single website

I created this question earlier but was told that it is a DNS issue as opposed to an issue with HSTS. Regardless, here is what I need help troubleshooting:
Issue:
A single site (one that I own) is showing server DNS address could not be found. DNS_PROBE_FINISHED_NXDOMAIN when I try to connect to it via Chrome, Firefox, or Safari. I can however connect to it via Tor Browser. I can also verify that the address resolves correctly using mxtoolbox. I also am not able to connect via two other computers and two other phones. I also am not able to connect via a different WIFI connection or personal hotspot via my phone. Curl and Host via the command line are also not able to get a response.
What I've tried:
As I said above, I've tried different internet connections and computers. I've also tried flushing my DNS cache and pointing to another DNS server.
Having said that, I am not sure how else to troubleshoot this. The only change I made to the web app was to add HSTS headers, hence why I created the earlier posting. Please let me know what other information I can provide. Otherwise, here are some details about the site itself:
Other information about my stack:
Django web app
Gunicorn / WSGI server
Hosted on Heroku - Cedar-14 stack
DNS setup with AWS route53
domain name registered through AWS
EDIT:
Possibly related: https://serverfault.com/questions/606880/how-can-i-troubleshoot-a-route-53-hosted-zone
I had a similar issue and was not able to open Facebook. All other sites were working fine. Initially, I thought Facebook blocked me as I never faced this crappy issue earlier. Later when I searched in Google, I found an article which described the DNS_PROBE_FINISHED_NXDOMAIN issue on Chrome.
I just changed my DNS server address to 8.8.8.8 (preferred) and 8.8.4.4 (alternate) and I never faced that issue again.
Reference - https://www.mobipicker.com/dns_probe_finished_nxdomain/
So from our discussion regarding the NS server records: always make sure that the local NS records match the parent NS records.
In your case there were 2 extra NS records associated with your domain; that was the reason why your domains and subdomains were acting unhealthy. Once you deleted those records the domains and subdomains were back to normal.
You can also try to open an anon window, access the URL, and use it in anon mode; or close it and it will load OK.

Port number getting stripped out of URL

I have a Django-based website that's presented through gunicorn with nginx as reverse proxy. It's on port 81. The relevant portion of the configuration file looks like this:
    upstream elearning_server {
        server localhost:8000;
    }
    server {
        listen 81;
        ......
If you go to:
http://webaddress:81
the first time after you log in, it removes the port number and fails to connect to the website. If you then put the port number back into the url it works fine.
Has anyone got any suggestions of what I can try to fix this problem?
What is happening is that your web server, as part of the login process is 'redirecting' your browser to a different web address. The problem is that the web address your browser is being redirected to doesn't exist, because it is being redirected to the wrong web address. When you modify the web address, you are correcting this error.
Obviously the solution is to correct this problem in the code, so you are sent straight to the correct web address without you needing to correct this.
The solution depends on your code. It is worth looking at it with the following in mind.
Is there something like:

    return HttpResponseRedirect('http://website/dir/')

in your code somewhere? This would need to be altered to include the port number, i.e.

    return HttpResponseRedirect('http://website:81/dir/')

Or, even better,

    return HttpResponseRedirect('/dir/')

(This will mean that it won't matter what port the server is on, because the redirect is 'relative'. This would be the usual way to code this sort of thing.)
If a quick perusal of the source doesn't cast any light, I would suggest that the next step would be to look in the access logs (and maybe error logs) from the web server, and look for '3xx' type messages, probably '301' and '302' messages, and this may give you some clue as to what is happening, and where in the code.
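One proxy-side setting worth checking alongside the application code, as an added example that is not from the original posts: if the elided part of the nginx configuration forwards the Host header as $host, the port is dropped before the request reaches gunicorn, and absolute redirect URLs built from that header lose it too. The server_name value and the location block are assumptions.

```nginx
# Added example; belongs in the http { } context.
upstream elearning_server {
    server localhost:8000;
}

server {
    listen 81;
    server_name webaddress;    # placeholder name taken from the question

    location / {
        # $host never contains a port, so a backend that builds absolute
        # redirect URLs from the Host header would emit http://webaddress/...
        # proxy_set_header Host $host;

        # Forward the validated host name together with the listening port.
        proxy_set_header Host $host:$server_port;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://elearning_server;
    }
}
```

A 301 or 302 in the access log whose Location header lacks :81 confirms which side is producing the bad redirect.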

Routing traffic between two servers based on a cookie

We are presently rewriting an in-production Django site. We would like to deploy the new site in parallel with the old site, and slowly divert traffic from old to new using the following scheme:
New accounts go to the new site
Existing accounts go to the old site
Existing accounts may be offered the opportunity to opt in to the new site
Accounts diverted to the new site may opt out and be returned to the old site
It's clear to me that a cookie is involved, and that Nginx is capable of rewriting requests based on a cookie:
Nginx redirect if cookie present
How do I run two rails apps behind the same domain and have nginx route requests based on cookie?
How the cookie gets set remains a bit of a mystery to me. It seems like a chicken-and-egg problem. Has anyone successfully run a scheme like this? How did you do it?
I think the most suitable solution for your problem would be:
1. Nginx at every request should check for some specific cookie, route.
   If it's present and equals old, the request goes to the old site.
   Otherwise the request goes to the new site.
2. Every site (new and old) should check the request for that cookie (route).
   If the cookie isn't present (or is wrong), your app should set it to the right value, and if the request is for that site, just proceed with it.
   If not, it should send a redirect, and we begin again with step 1.
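The Nginx half of this scheme as an added example, not code from the original answer: a map turns the route cookie into an upstream name, with the new site as the default. The cookie is client-controlled, so it is only a routing hint; each application still checks the account and corrects the cookie as the answer describes. Upstream addresses and the server name are assumptions.

```nginx
# Added example; belongs in the http { } context.
upstream old_site { server 127.0.0.1:8001; }    # assumed address
upstream new_site { server 127.0.0.1:8002; }    # assumed address

# $cookie_route holds the value of the cookie named "route".
# Only the exact value "old" selects the old site; a missing cookie or
# any other (possibly tampered) value falls through to the new site.
map $cookie_route $backend {
    default new_site;
    old     old_site;
}

server {
    listen 80;
    server_name example.com;    # placeholder

    location / {
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        # The variable resolves to one of the upstream groups above,
        # so no resolver directive is needed.
        proxy_pass http://$backend;
    }
}
```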